The core issue with your JWT decorator is the missing essential @ symbol. You are using jwt_required instead of @jwt_required() with a leading @ and following parentheses. Note that in class-based views or if you want to have more control over the authentication flow, it is recommended to use verify_jwt_in_request because it supports better error handling and ensures get_jwt_identity will never return None since it validates the token before it tries to extract its identity.